On Oct 16, 2007, at 9:52 PM, Brandon S. Allbery KF8NH wrote:
>> On Oct 17, 2007, at 0:39 , Donn Cave wrote:
> ...
>> As for closing file descriptors explicitly - if I remember right
>> what I've seen
>> in the NetBSD source, the UNIX popen() implementation may years ago
>> have closed all file descriptors, but now it keeps track of the
>> ones it created,
>> and only closes them. I think that's the way to go, if closing fds.
>> Either implementation causes problems; security folks tend to
> prefer that all file descriptors other than 0-2 (0-4 on Windows?)
> be closed, and 0-2(4) be forced open (on /dev/null if they're not
> already open). But in this case, the idea is to set FD_CLOEXEC on
> (and only on) file descriptors opened by the Haskell runtime, so
> you would get the same effect as tracking file descriptors manually.
I can't speak for security folks, but for me, the way you put it goes
way too far.
The file descriptors at issue were opened by runInteractiveProcess, and
FD_CLOEXEC on them would solve the whole problem (I think.) Is that
what you mean? To set this flag routinely on all file descriptors
opened in
any way would require a different justification, and it would have to
be a
pretty good one!
Donn Cave, donn at drizzle.com